Posted to commits@cloudstack.apache.org by mc...@apache.org on 2013/06/12 20:22:25 UTC
[16/50] [abbrv] git commit: updated refs/heads/object_store to 18aeef3
CLOUDSTACK-2874: fix the upgrade for the deployment with F5/SRX
combination prior to 3.0 release
Fix does the following:
- add F5 network service provider into a physical network if there is an F5
deployed in the zone
- add instance of F5 network service provider
- add SRX network service provider into a physical network if there is an
SRX deployed in the zone
- add instance of SRX network service provider
- upgrade all the guest networks to network offering "Isolated with
external providers"
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/c0d89434
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/c0d89434
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/c0d89434
Branch: refs/heads/object_store
Commit: c0d894346a57e61626f332a9ef25efa9b5e77646
Parents: d98289b
Author: Murali Reddy <mu...@gmail.com>
Authored: Thu Jun 6 17:47:31 2013 +0530
Committer: Murali Reddy <mu...@gmail.com>
Committed: Thu Jun 6 17:49:47 2013 +0530
----------------------------------------------------------------------
.../com/cloud/upgrade/dao/Upgrade410to420.java | 360 +++++++++++++++++++
1 file changed, 360 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c0d89434/engine/schema/src/com/cloud/upgrade/dao/Upgrade410to420.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/upgrade/dao/Upgrade410to420.java b/engine/schema/src/com/cloud/upgrade/dao/Upgrade410to420.java
index 955ea56..d8f90ad 100644
--- a/engine/schema/src/com/cloud/upgrade/dao/Upgrade410to420.java
+++ b/engine/schema/src/com/cloud/upgrade/dao/Upgrade410to420.java
@@ -79,6 +79,7 @@ public class Upgrade410to420 implements DbUpgrade {
updateNetworkACLs(conn);
addHostDetailsIndex(conn);
updateNetworksForPrivateGateways(conn);
+ correctExternalNetworkDevicesSetup(conn);
removeFirewallServiceFromSharedNetworkOfferingWithSGService(conn);
fix22xKVMSnapshots(conn);
addIndexForAlert(conn);
@@ -1224,4 +1225,363 @@ public class Upgrade410to420 implements DbUpgrade {
}
}
}
+
+ // Corrects upgrade for deployment with F5 and SRX devices (pre 3.0) to network offering &
+ // network service provider paradigm
+ private void correctExternalNetworkDevicesSetup(Connection conn) {
+ PreparedStatement zoneSearchStmt = null, pNetworkStmt = null, f5DevicesStmt = null, srxDevicesStmt = null;
+ ResultSet zoneResults = null, pNetworksResults = null, f5DevicesResult = null, srxDevicesResult = null;
+
+ try {
+ zoneSearchStmt = conn.prepareStatement("SELECT id, networktype FROM `cloud`.`data_center`");
+ zoneResults = zoneSearchStmt.executeQuery();
+ while (zoneResults.next()) {
+ long zoneId = zoneResults.getLong(1);
+ String networkType = zoneResults.getString(2);
+
+ if (!com.cloud.dc.DataCenter.NetworkType.Advanced.toString().equalsIgnoreCase(networkType)) {
+ continue;
+ }
+
+ pNetworkStmt = conn.prepareStatement("SELECT id FROM `cloud`.`physical_network` where data_center_id=?");
+ pNetworkStmt.setLong(1, zoneId);
+ pNetworksResults = pNetworkStmt.executeQuery();
+ while (pNetworksResults.next()) {
+ long physicalNetworkId = pNetworksResults.getLong(1);
+ PreparedStatement fetchF5NspStmt = conn.prepareStatement("SELECT id from `cloud`.`physical_network_service_providers` where physical_network_id=" + physicalNetworkId
+ + " and provider_name = 'F5BigIp'");
+ ResultSet rsF5NSP = fetchF5NspStmt.executeQuery();
+ boolean hasF5Nsp = rsF5NSP.next();
+ fetchF5NspStmt.close();
+
+ // if there is no 'F5BigIP' physical network service provider added into physical network then
+ // add 'F5BigIP' as network service provider and add the entry in 'external_load_balancer_devices'
+ if (!hasF5Nsp) {
+ f5DevicesStmt = conn.prepareStatement("SELECT id FROM host WHERE data_center_id=? AND type = 'ExternalLoadBalancer' AND removed IS NULL");
+ f5DevicesStmt.setLong(1, zoneId);
+ f5DevicesResult = f5DevicesStmt.executeQuery();
+ // add F5BigIP provider and provider instance to physical network if there are any external load
+ // balancers added in the zone
+ while (f5DevicesResult.next()) {
+ long f5HostId = f5DevicesResult.getLong(1);;
+ addF5ServiceProvider(conn, physicalNetworkId, zoneId);
+ addF5LoadBalancer(conn, f5HostId, physicalNetworkId);
+ }
+ }
+
+ PreparedStatement fetchSRXNspStmt = conn.prepareStatement("SELECT id from `cloud`.`physical_network_service_providers` where physical_network_id=" + physicalNetworkId
+ + " and provider_name = 'JuniperSRX'");
+ ResultSet rsSRXNSP = fetchSRXNspStmt.executeQuery();
+ boolean hasSrxNsp = rsSRXNSP.next();
+ fetchSRXNspStmt.close();
+
+ // if there is no 'JuniperSRX' physical network service provider added into physical network then
+ // add 'JuniperSRX' as network service provider and add the entry in 'external_firewall_devices'
+ if (!hasSrxNsp) {
+ srxDevicesStmt = conn.prepareStatement("SELECT id FROM host WHERE data_center_id=? AND type = 'ExternalFirewall' AND removed IS NULL");
+ srxDevicesStmt.setLong(1, zoneId);
+ srxDevicesResult = srxDevicesStmt.executeQuery();
+ // add JuniperSRX provider and provider instance to physical network if there are any external
+ // firewall instances added in to the zone
+ while (srxDevicesResult.next()) {
+ long srxHostId = srxDevicesResult.getLong(1);
+ // add SRX provider and provider instance to physical network
+ addSrxServiceProvider(conn, physicalNetworkId, zoneId);
+ addSrxFirewall(conn, srxHostId, physicalNetworkId);
+ }
+ }
+ }
+ }
+
+ // not the network service provider has been provisioned in to physical network, mark all guest network
+ // to be using network offering 'Isolated with external providers'
+ fixZoneUsingExternalDevices(conn);
+
+ if (zoneResults != null) {
+ try {
+ zoneResults.close();
+ } catch (SQLException e) {
+ }
+ }
+
+ if (zoneSearchStmt != null) {
+ try {
+ zoneSearchStmt.close();
+ } catch (SQLException e) {
+ }
+ }
+ } catch (SQLException e) {
+ throw new CloudRuntimeException("Exception while adding PhysicalNetworks", e);
+ } finally {
+
+ }
+ }
+
+ private void addF5LoadBalancer(Connection conn, long hostId, long physicalNetworkId){
+ PreparedStatement pstmtUpdate = null;
+ try{
+ s_logger.debug("Adding F5 Big IP load balancer with host id " + hostId + " in to physical network" + physicalNetworkId);
+ String insertF5 = "INSERT INTO `cloud`.`external_load_balancer_devices` (physical_network_id, host_id, provider_name, " +
+ "device_name, capacity, is_dedicated, device_state, allocation_state, is_inline, is_managed, uuid) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
+ pstmtUpdate = conn.prepareStatement(insertF5);
+ pstmtUpdate.setLong(1, physicalNetworkId);
+ pstmtUpdate.setLong(2, hostId);
+ pstmtUpdate.setString(3, "F5BigIp");
+ pstmtUpdate.setString(4, "F5BigIpLoadBalancer");
+ pstmtUpdate.setLong(5, 0);
+ pstmtUpdate.setBoolean(6, false);
+ pstmtUpdate.setString(7, "Enabled");
+ pstmtUpdate.setString(8, "Shared");
+ pstmtUpdate.setBoolean(9, false);
+ pstmtUpdate.setBoolean(10, false);
+ pstmtUpdate.setString(11, UUID.randomUUID().toString());
+ pstmtUpdate.executeUpdate();
+ }catch (SQLException e) {
+ throw new CloudRuntimeException("Exception while adding F5 load balancer device" , e);
+ } finally {
+ if (pstmtUpdate != null) {
+ try {
+ pstmtUpdate.close();
+ } catch (SQLException e) {
+ }
+ }
+ }
+ }
+
+ private void addSrxFirewall(Connection conn, long hostId, long physicalNetworkId){
+ PreparedStatement pstmtUpdate = null;
+ try{
+ s_logger.debug("Adding SRX firewall device with host id " + hostId + " in to physical network" + physicalNetworkId);
+ String insertSrx = "INSERT INTO `cloud`.`external_firewall_devices` (physical_network_id, host_id, provider_name, " +
+ "device_name, capacity, is_dedicated, device_state, allocation_state, uuid) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?)";
+ pstmtUpdate = conn.prepareStatement(insertSrx);
+ pstmtUpdate.setLong(1, physicalNetworkId);
+ pstmtUpdate.setLong(2, hostId);
+ pstmtUpdate.setString(3, "JuniperSRX");
+ pstmtUpdate.setString(4, "JuniperSRXFirewall");
+ pstmtUpdate.setLong(5, 0);
+ pstmtUpdate.setBoolean(6, false);
+ pstmtUpdate.setString(7, "Enabled");
+ pstmtUpdate.setString(8, "Shared");
+ pstmtUpdate.setString(9, UUID.randomUUID().toString());
+ pstmtUpdate.executeUpdate();
+ }catch (SQLException e) {
+ throw new CloudRuntimeException("Exception while adding SRX firewall device ", e);
+ } finally {
+ if (pstmtUpdate != null) {
+ try {
+ pstmtUpdate.close();
+ } catch (SQLException e) {
+ }
+ }
+ }
+ }
+
+ private void addF5ServiceProvider(Connection conn, long physicalNetworkId, long zoneId){
+ PreparedStatement pstmtUpdate = null;
+ try{
+ // add physical network service provider - F5BigIp
+ s_logger.debug("Adding PhysicalNetworkServiceProvider F5BigIp" + " in to physical network" + physicalNetworkId);
+ String insertPNSP = "INSERT INTO `cloud`.`physical_network_service_providers` (`uuid`, `physical_network_id` , `provider_name`, `state` ," +
+ "`destination_physical_network_id`, `vpn_service_provided`, `dhcp_service_provided`, `dns_service_provided`, `gateway_service_provided`," +
+ "`firewall_service_provided`, `source_nat_service_provided`, `load_balance_service_provided`, `static_nat_service_provided`," +
+ "`port_forwarding_service_provided`, `user_data_service_provided`, `security_group_service_provided`) VALUES (?,?,?,?,0,0,0,0,0,0,0,1,0,0,0,0)";
+
+ pstmtUpdate = conn.prepareStatement(insertPNSP);
+ pstmtUpdate.setString(1, UUID.randomUUID().toString());
+ pstmtUpdate.setLong(2, physicalNetworkId);
+ pstmtUpdate.setString(3, "F5BigIp");
+ pstmtUpdate.setString(4, "Enabled");
+ pstmtUpdate.executeUpdate();
+ }catch (SQLException e) {
+ throw new CloudRuntimeException("Exception while adding PhysicalNetworkServiceProvider F5BigIp", e);
+ } finally {
+ if (pstmtUpdate != null) {
+ try {
+ pstmtUpdate.close();
+ } catch (SQLException e) {
+ }
+ }
+ }
+ }
+
+ private void addSrxServiceProvider(Connection conn, long physicalNetworkId, long zoneId){
+ PreparedStatement pstmtUpdate = null;
+ try{
+ // add physical network service provider - JuniperSRX
+ s_logger.debug("Adding PhysicalNetworkServiceProvider JuniperSRX");
+ String insertPNSP = "INSERT INTO `cloud`.`physical_network_service_providers` (`uuid`, `physical_network_id` , `provider_name`, `state` ," +
+ "`destination_physical_network_id`, `vpn_service_provided`, `dhcp_service_provided`, `dns_service_provided`, `gateway_service_provided`," +
+ "`firewall_service_provided`, `source_nat_service_provided`, `load_balance_service_provided`, `static_nat_service_provided`," +
+ "`port_forwarding_service_provided`, `user_data_service_provided`, `security_group_service_provided`) VALUES (?,?,?,?,0,0,0,0,1,1,1,0,1,1,0,0)";
+
+ pstmtUpdate = conn.prepareStatement(insertPNSP);
+ pstmtUpdate.setString(1, UUID.randomUUID().toString());
+ pstmtUpdate.setLong(2, physicalNetworkId);
+ pstmtUpdate.setString(3, "JuniperSRX");
+ pstmtUpdate.setString(4, "Enabled");
+ pstmtUpdate.executeUpdate();
+ }catch (SQLException e) {
+ throw new CloudRuntimeException("Exception while adding PhysicalNetworkServiceProvider JuniperSRX" , e);
+ } finally {
+ if (pstmtUpdate != null) {
+ try {
+ pstmtUpdate.close();
+ } catch (SQLException e) {
+ }
+ }
+ }
+ }
+
+ // This method does two things
+ //
+ // 1) ensure that networks using external load balancer/firewall in deployments prior to release 3.0
+ // has entry in network_external_lb_device_map and network_external_firewall_device_map
+ //
+ // 2) Some keys of host details for F5 and SRX devices were stored in Camel Case in 2.x releases. From 3.0
+ // they are made in lowercase. On upgrade change the host details name to lower case
+ private void fixZoneUsingExternalDevices(Connection conn) {
+ //Get zones to upgrade
+ List<Long> zoneIds = new ArrayList<Long>();
+ PreparedStatement pstmt = null;
+ PreparedStatement pstmtUpdate = null;
+ ResultSet rs = null;
+ long networkOfferingId, networkId;
+ long f5DeviceId, f5HostId;
+ long srxDevivceId, srxHostId;
+
+ try {
+ pstmt = conn.prepareStatement("select id from `cloud`.`data_center` where lb_provider='F5BigIp' or firewall_provider='JuniperSRX' or gateway_provider='JuniperSRX'");
+ rs = pstmt.executeQuery();
+ while (rs.next()) {
+ zoneIds.add(rs.getLong(1));
+ }
+ } catch (SQLException e) {
+ throw new CloudRuntimeException("Unable to create network to LB & firewall device mapping for networks that use them", e);
+ }
+
+ if (zoneIds.size() == 0) {
+ return; // no zones using F5 and SRX devices so return
+ }
+
+ // find the default network offering created for external devices during upgrade from 2.2.14
+ try {
+ pstmt = conn.prepareStatement("select id from `cloud`.`network_offerings` where unique_name='Isolated with external providers' ");
+ rs = pstmt.executeQuery();
+ if (rs.first()) {
+ networkOfferingId = rs.getLong(1);
+ } else {
+ throw new CloudRuntimeException("Cannot upgrade as there is no 'Isolated with external providers' network offering crearted .");
+ }
+ } catch (SQLException e) {
+ throw new CloudRuntimeException("Unable to create network to LB & firewalla device mapping for networks that use them", e);
+ }
+
+ for (Long zoneId : zoneIds) {
+ try {
+ // find the F5 device id in the zone
+ pstmt = conn.prepareStatement("SELECT id FROM host WHERE data_center_id=? AND type = 'ExternalLoadBalancer' AND removed IS NULL");
+ pstmt.setLong(1, zoneId);
+ rs = pstmt.executeQuery();
+ if (rs.first()) {
+ f5HostId = rs.getLong(1);
+ } else {
+ throw new CloudRuntimeException("Cannot upgrade as there is no F5 load balancer device found in data center " + zoneId);
+ }
+ pstmt = conn.prepareStatement("SELECT id FROM external_load_balancer_devices WHERE host_id=?");
+ pstmt.setLong(1, f5HostId);
+ rs = pstmt.executeQuery();
+ if (rs.first()) {
+ f5DeviceId = rs.getLong(1);
+ } else {
+ throw new CloudRuntimeException("Cannot upgrade as there is no F5 load balancer device with host ID " + f5HostId + " found in external_load_balancer_device");
+ }
+
+ // find the SRX device id in the zone
+ pstmt = conn.prepareStatement("SELECT id FROM host WHERE data_center_id=? AND type = 'ExternalFirewall' AND removed IS NULL");
+ pstmt.setLong(1, zoneId);
+ rs = pstmt.executeQuery();
+ if (rs.first()) {
+ srxHostId = rs.getLong(1);
+ } else {
+ throw new CloudRuntimeException("Cannot upgrade as there is no SRX firewall device found in data center " + zoneId);
+ }
+ pstmt = conn.prepareStatement("SELECT id FROM external_firewall_devices WHERE host_id=?");
+ pstmt.setLong(1, srxHostId);
+ rs = pstmt.executeQuery();
+ if (rs.first()) {
+ srxDevivceId = rs.getLong(1);
+ } else {
+ throw new CloudRuntimeException("Cannot upgrade as there is no SRX firewall device found with host ID " + srxHostId + " found in external_firewall_devices");
+ }
+
+ // check if network any uses F5 or SRX devices in the zone
+ pstmt = conn.prepareStatement("select id from `cloud`.`networks` where guest_type='Virtual' and data_center_id=? and network_offering_id=? and removed IS NULL");
+ pstmt.setLong(1, zoneId);
+ pstmt.setLong(2, networkOfferingId);
+ rs = pstmt.executeQuery();
+ while (rs.next()) {
+ // get the network Id
+ networkId = rs.getLong(1);
+
+ // add mapping for the network in network_external_lb_device_map
+ String insertLbMapping = "INSERT INTO `cloud`.`network_external_lb_device_map` (uuid, network_id, external_load_balancer_device_id, created) VALUES ( ?, ?, ?, now())";
+ pstmtUpdate = conn.prepareStatement(insertLbMapping);
+ pstmtUpdate.setString(1, UUID.randomUUID().toString());
+ pstmtUpdate.setLong(2, networkId);
+ pstmtUpdate.setLong(3, f5DeviceId);
+ pstmtUpdate.executeUpdate();
+ s_logger.debug("Successfully added entry in network_external_lb_device_map for network " + networkId + " and F5 device ID " + f5DeviceId);
+
+ // add mapping for the network in network_external_firewall_device_map
+ String insertFwMapping = "INSERT INTO `cloud`.`network_external_firewall_device_map` (uuid, network_id, external_firewall_device_id, created) VALUES ( ?, ?, ?, now())";
+ pstmtUpdate = conn.prepareStatement(insertFwMapping);
+ pstmtUpdate.setString(1, UUID.randomUUID().toString());
+ pstmtUpdate.setLong(2, networkId);
+ pstmtUpdate.setLong(3, srxDevivceId);
+ pstmtUpdate.executeUpdate();
+ s_logger.debug("Successfully added entry in network_external_firewall_device_map for network " + networkId + " and SRX device ID " + srxDevivceId);
+ }
+
+ // update host details for F5 and SRX devices
+ s_logger.debug("Updating the host details for F5 and SRX devices");
+ pstmt = conn.prepareStatement("SELECT host_id, name FROM `cloud`.`host_details` WHERE host_id=? OR host_id=?");
+ pstmt.setLong(1, f5HostId);
+ pstmt.setLong(2, srxHostId);
+ rs = pstmt.executeQuery();
+ while (rs.next()) {
+ long hostId = rs.getLong(1);
+ String camlCaseName = rs.getString(2);
+ if (!(camlCaseName.equalsIgnoreCase("numRetries") ||
+ camlCaseName.equalsIgnoreCase("publicZone") ||
+ camlCaseName.equalsIgnoreCase("privateZone") ||
+ camlCaseName.equalsIgnoreCase("publicInterface") ||
+ camlCaseName.equalsIgnoreCase("privateInterface") ||
+ camlCaseName.equalsIgnoreCase("usageInterface") )) {
+ continue;
+ }
+ String lowerCaseName = camlCaseName.toLowerCase();
+ pstmt = conn.prepareStatement("update `cloud`.`host_details` set name=? where host_id=? AND name=?");
+ pstmt.setString(1, lowerCaseName);
+ pstmt.setLong(2, hostId);
+ pstmt.setString(3, camlCaseName);
+ pstmt.executeUpdate();
+ }
+ s_logger.debug("Successfully updated host details for F5 and SRX devices");
+ } catch (SQLException e) {
+ throw new CloudRuntimeException("Unable create a mapping for the networks in network_external_lb_device_map and network_external_firewall_device_map", e);
+ } finally {
+ try {
+ if (rs != null) {
+ rs.close();
+ }
+ if (pstmt != null) {
+ pstmt.close();
+ }
+ } catch (SQLException e) {
+ }
+ }
+ s_logger.info("Successfully upgraded network using F5 and SRX devices to have a entry in the network_external_lb_device_map and network_external_firewall_device_map");
+ }
+ }
}
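Review bot: fixZoneUsingExternalDevices selects zones with `lb_provider='F5BigIp' or firewall_provider='JuniperSRX' or gateway_provider='JuniperSRX'`, but the per-zone loop throws CloudRuntimeException unless both an ExternalLoadBalancer and an ExternalFirewall host (and their device rows) are found, so a zone that has only one of the two devices would abort the whole upgrade, possibly after provider rows were already inserted unless the caller rolls back (not visible here). If only the F5+SRX combination is in scope, as the commit title suggests, narrow the selection to `where lb_provider='F5BigIp' and (firewall_provider='JuniperSRX' or gateway_provider='JuniperSRX')`; otherwise look each device up independently and insert only the mapping whose device exists. In correctExternalNetworkDevicesSetup, addF5ServiceProvider and addSrxServiceProvider are called inside the per-host `while` loops, so a zone with more than one such host gets one provider row per host for the same physical network; calling them once before the loop avoids that. pNetworkStmt, f5DevicesStmt, srxDevicesStmt and pstmtUpdate in fixZoneUsingExternalDevices are never closed and the first method's `finally` block is empty, and the two provider lookups concatenate physicalNetworkId into the SQL text instead of binding it with `setLong(1, physicalNetworkId)` as the neighbouring queries do.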